Modern Warfare: U.S. Government Developing Cyberwar Policy

In an effort to face the new threats of modern warfare, the Pentagon ultimately concluded the old ways were the best ways in threatening to use conventional forces in response to any cyber attack on the U.S in order to deter any such attacks. While several administrative figures have suggested in the past few years that the U.S. could use either economic sanctions or military force in response to an attack, the new announcements by the Pentagon are the first attempts to actually attempt a coherent defense policy. According to some opinions, it comes very late as the U.S. is already uncomfortably vulnerable to possible cyber attacks.

However, from a legal standpoint, what makes this interesting is that cyber warfare is almost completely not addressed by the current international treaties. The Pentagon justifies its threatened retaliation plan with the Rules of Armed Conflict; a combination of formal treaties and informal customs traditionally observed in international war. Essentially, the military argues that a cyber attack is no different from any other hostile action that allows for a proportional response. The proportionality and culpability that allows for an attack on any target depends on how closely the target and the attack are related. In that regard, the policy seems strikingly similar to the one the U.S. adopted regarding foreign harboring of terrorists.

The implications are somewhat nebulous as well. Attacks in cyberspace aren’t easy to track down and may have multiple actors involved. Also, legally, there might only be a casus belli if there’s an impact or influence similar to conventional weapons. The person responsible for the attack can quite literally be anywhere or anyone. The policy implications are also staggering and may also have an interesting privacy issue, if the military feels that it has to start searching for whom was the instigator of an attack. Moreover, deterrence only works if the person directing an attack believes that they are in immediate danger of punishment, which may not be the case for a online cyber attack. This also raises interesting questions as to the role of past treaties such as the Geneva Conventions and the new age of cyber warfare. Possibly, new international treaties to discuss this area may be needed or, alternately, this could quickly become just a new facet of the unconventional warfare that seems to be flourishing in the new century.